f3dcb69d2eaf7656648292477950d7898c34734ee7ac35013cce543d102660f2

Sharing

Copy URL Twitter E-mail

General

Target

f3dcb69d2eaf7656648292477950d7898c34734ee7ac35013cce543d102660f2
Size

224KB
MD5

0661b2e216022f19050ed88efc575516
SHA1

d767f01f69c2df45be5b5f977dace540cd09a083
SHA256

f3dcb69d2eaf7656648292477950d7898c34734ee7ac35013cce543d102660f2
SHA512

ceed4d1161127e5734e2c5709610b485f8ee0bd08c25d821d008d29241c6709d513f4a64c6c8dabc83fab85a9d6f50c669d5b32057fccc4991251eb6ea523d05
SSDEEP

6144:ygQbrIb/LZYtU/ZemF/Am2WPTFim0yGCOnSK8QFgpgW6:TgrILL6CHZ2W5abNnB8

Score

N/A

Malware Config

Signatures

Files

f3dcb69d2eaf7656648292477950d7898c34734ee7ac35013cce543d102660f2
.exe windows x86

b6fce60dbf23de19a6b6fad1155ecaed

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

TlsSetValue
GetCurrentThreadId
DeleteCriticalSection
GetFileType
GetStdHandle
TlsAlloc
GetEnvironmentStringsW
GetEnvironmentStrings
WideCharToMultiByte
FreeEnvironmentStringsW
TlsFree
SetLastError
TlsGetValue
GetLastError
GetCurrentThread
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
HeapFree
RtlUnwind
WriteFile
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
FatalAppExitA
GetCPInfo
GetACP
GetOEMCP
HeapAlloc
HeapReAlloc
IsBadWritePtr
GetProcAddress
LoadLibraryA
MultiByteToWideChar
LCMapStringA
VirtualAlloc
LCMapStringW
GetStringTypeA
GetStringTypeW
InterlockedDecrement
InterlockedIncrement
Sleep
IsValidLocale
IsValidCodePage
GetLocaleInfoA
EnumSystemLocalesA
GetUserDefaultLCID
GetTimeZoneInformation
GetLocaleInfoW
CompareStringA
CompareStringW
SetHandleCount
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
GetVersion
ExitProcess
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
GetModuleFileNameA
FreeEnvironmentStringsA
SetEnvironmentVariableA

user32

GetActiveWindow
AdjustWindowRectEx
CreateWindowExW
LoadIconA
SetWindowPos
InflateRect
GetMenuStringW
DestroyIcon
ReleaseDC
CheckMenuItem
DestroyMenu
TrackPopupMenu
DrawFocusRect
ReleaseCapture
OffsetRect
SetWindowTextW
GetSubMenu
AllowSetForegroundWindow
SetMenuItemInfoA
RegisterClassW
CreateWindowExA

ole32

RegisterDragDrop
CoTaskMemFree
CLSIDFromProgID
CoLockObjectExternal
CoTaskMemAlloc
OleInitialize
CoRegisterSurrogate
OleUninitialize
CoRegisterMessageFilter
StringFromCLSID
RevokeDragDrop
CoFreeUnusedLibraries
CoRevokeClassObject
OleFlushClipboard
OleRun
CreateStreamOnHGlobal
CoQueryProxyBlanket
CLSIDFromString
CoUninitialize
CoCreateGuid
CoDisconnectObject
CoInitialize
ReleaseStgMedium
CoGetClassObject
CreateBindCtx
GetRunningObjectTable
CoCreateInstance
CoInitializeSecurity
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes

advapi32

CryptReleaseContext
RegCloseKey
OpenThreadToken
RegQueryInfoKeyW
RegSetValueExW
CryptDestroyHash
AllocateAndInitializeSid
RegOpenKeyExW
GetLengthSid
RegQueryValueExA
RegEnumKeyExA
RegSetValueExA
SetSecurityDescriptorDacl
RegDeleteValueW
AdjustTokenPrivileges
RegQueryValueExW
RevertToSelf
InitializeSecurityDescriptor
RegOpenKeyExA
QueryServiceStatus
RegEnumValueW
InitializeAcl
CryptGenRandom
RegCreateKeyExW
RegEnumKeyExW
RegDeleteValueA
OpenServiceW
CryptAcquireContextW
CryptHashData
GetTokenInformation
RegDeleteKeyW
RegEnumValueA
RegCreateKeyExA
AddAccessAllowedAce
FreeSid
EqualSid
OpenProcessToken
LookupPrivilegeValueA
CryptCreateHash
CryptAcquireContextA
DeregisterEventSource
RegDeleteKeyA
CloseServiceHandle
AddAccessAllowedAceEx

Sections

.text
Size: 48KB - Virtual size: 47KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 152KB - Virtual size: 322KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b6fce60dbf23de19a6b6fad1155ecaed

Headers

File Characteristics

Imports

kernel32

user32

ole32

advapi32

Sections

.text Size: 48KB - Virtual size: 47KB

.rdata Size: 8KB - Virtual size: 7KB

.data Size: 152KB - Virtual size: 322KB

.rsrc Size: 12KB - Virtual size: 10KB

.text
Size: 48KB - Virtual size: 47KB

.rdata
Size: 8KB - Virtual size: 7KB

.data
Size: 152KB - Virtual size: 322KB

.rsrc
Size: 12KB - Virtual size: 10KB